Patents by Inventor Nathaniel J. Goss
Nathaniel J. Goss has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180341756Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.Type: ApplicationFiled: May 17, 2018Publication date: November 29, 2018Inventors: Ned M. Smith, Nathan Heldt-Sheller, Micah J. Sheller, Kevin C. Wells, Hannah L. Scurfield, Nathaniel J. Goss, Sindhu Pandian, Brad H. Needham
-
Patent number: 10055556Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.Type: GrantFiled: September 26, 2015Date of Patent: August 21, 2018Assignee: Intel CorporationInventors: Ned M. Smith, Nathan Heldt-Sheller, Micah J. Sheller, Kevin C. Wells, Hannah L. Scurfield, Nathaniel J. Goss, Sindhu Pandian, Brad H. Needham
-
Patent number: 9990479Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.Type: GrantFiled: December 27, 2014Date of Patent: June 5, 2018Assignee: Intel CorporationInventors: Ned M. Smith, Nathan Heldt-Sheller, Micah J. Sheller, Kevin C. Wells, Hannah L. Scurfield, Nathaniel J. Goss, Sindhu Pandian, Brad H. Needham
-
Publication number: 20180103034Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: November 15, 2017Publication date: April 12, 2018Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Patent number: 9922194Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: GrantFiled: February 7, 2017Date of Patent: March 20, 2018Assignee: Intel CorporationInventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Publication number: 20180077154Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: November 15, 2017Publication date: March 15, 2018Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20180069855Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: November 14, 2017Publication date: March 8, 2018Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20170180363Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: March 3, 2017Publication date: June 22, 2017Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20170147822Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: ApplicationFiled: February 7, 2017Publication date: May 25, 2017Inventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Patent number: 9628477Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: GrantFiled: December 23, 2014Date of Patent: April 18, 2017Assignee: Intel CorporationInventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Patent number: 9600670Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: GrantFiled: December 23, 2014Date of Patent: March 21, 2017Assignee: Intel CorporationInventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Patent number: 9467296Abstract: Technologies for utilizing trusted messaging include a local computing device including a message client and a local trusted message module established in a trusted execution environment. The local trusted message module performs attestation of a remote computing device based on communication with a corresponding remote trusted message module established in a trusted execution environment of the remote computing device. The local trusted message module further exchanges, with the remote trusted message module, cryptographic keys in response to successful attestation of the remote computing device. The message client forwards outgoing messages to the local trusted message module and receives incoming messages from the local trusted message module.Type: GrantFiled: August 29, 2014Date of Patent: October 11, 2016Assignee: Intel CorporationInventors: Ned M. Smith, William C. Deleeuw, Thomas G. Willis, Nathaniel J. Goss
-
Publication number: 20160188848Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.Type: ApplicationFiled: December 27, 2014Publication date: June 30, 2016Inventors: Ned M. Smith, Nathan Heldt-Sheller, Micah J. Sheller, Kevin C. Wells, Hannah L. Scurfield, Nathaniel J. Goss, Sindhu Pandian, Brad H. Needham
-
Publication number: 20160188853Abstract: Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.Type: ApplicationFiled: September 26, 2015Publication date: June 30, 2016Inventors: Ned M. Smith, Nathan Heldt-Sheller, Micah J. Sheller, Kevin C. Wells, Hannah L. Scurfield, Nathaniel J. Goss, Sindhu Pandian, Brad H. Needham
-
Publication number: 20160182502Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: December 23, 2014Publication date: June 23, 2016Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20160180093Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: ApplicationFiled: December 23, 2014Publication date: June 23, 2016Inventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Publication number: 20160088474Abstract: In one embodiment, a security logic of first portable device is configured to receive first motion sample information from at least one motion sensor of the first portable device and second motion sample information from at least one motion sensor of a second portable device, the first and second motion sample information obtained responsive to training movement of the first and second portable devices by a first user. Based on the motion sample information, the security logic is configured to generate a device pairing value, generate a first confidence value based on the first motion sample information and first reference motion sample information stored in the first portable device corresponding to reference movement of the first portable device by the first user, generate a relationship key pair for a relationship, and communicate the first confidence value and a public key of the relationship key pair to the second portable device using the device pairing value.Type: ApplicationFiled: September 23, 2014Publication date: March 24, 2016Inventors: Ned M. Smith, David A. Sandage, William C. Deleeuw, Nathan Heldt-Sheller, Nathaniel J. Goss, John C. Neumann
-
Publication number: 20160065376Abstract: Technologies for utilizing trusted messaging include a local computing device including a message client and a local trusted message module established in a trusted execution environment. The local trusted message module performs attestation of a remote computing device based on communication with a corresponding remote trusted message module established in a trusted execution environment of the remote computing device. The local trusted message module further exchanges, with the remote trusted message module, cryptographic keys in response to successful attestation of the remote computing device. The message client forwards outgoing messages to the local trusted message module and receives incoming messages from the local trusted message module.Type: ApplicationFiled: August 29, 2014Publication date: March 3, 2016Inventors: Ned M. Smith, William C. Deleeuw, Thomas G. Willis, Nathaniel J. Goss